Hello. I am playing around with the scripting function
system.security.getUserRoles(username, password, authProfile) using an AD as my User Source.
I am curious whether rules for lockout of accounts can be set at the gateway level, or they only come from the AD settings.
Came up with this question because according to a client, their AD will temporarily lockout at 5 unsuccessful logins, but I’m seeing it happen at 1 unsuccessful login.
Edit your user source and look at what your lockout is set to. This is assuming your using the classic auth strategy since you mentioned AD user soruce.
There’s actually two lockouts, on at the AD level and the one @bpreson mentions at the Ignition user source level. I don’t know if locking out at the AD level will also lock you out of ignition, but getting locked out in Ignition wont lock you out at AD.
Thank you! I don’t know why I couldn’t find this when I was looking through my gateway settings.
The gateway lockouts were disabled so looks like it wasn’t happening at the gateway level.